Msgify logo
Msgify

Privacy Policy for Msgify

Last updated: March 4, 2026

This Privacy Policy ("Policy") describes how Msgify ("we," "us," or "our") collects, uses, and shares information about you when you use our platform and services available at https://msgify.vercel.app/ ("Services").

By using Msgify, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use our Services.

Questions or concerns? Contact us at shamunkhatri@gmail.com.

Table of Contents

  1. What Information Do We Collect?
  2. How Do We Process Your Information?
  3. What Legal Bases Do We Rely On?
  4. When and With Whom Do We Share Your Information?
  5. Do We Use Cookies and Tracking Technologies?
  6. How Do We Handle Social Logins?
  7. WhatsApp Business & Meta Integration
  8. How Long Do We Keep Your Information?
  9. How Do We Keep Your Information Safe?
  10. Do We Collect Information from Minors?
  11. What Are Your Privacy Rights?
  12. Controls for Do-Not-Track Features
  13. Do We Make Updates to This Policy?
  14. How Can You Contact Us?

1. What Information Do We Collect?

Information You Provide to Us

We collect information you voluntarily provide when you register, use, or contact us about our Services. This includes:

  • Account information: Name, email address, username, and password.
  • Business information: Business name, phone number, and mailing address (if provided).
  • WhatsApp Business credentials: WhatsApp Business Account (WABA) ID, phone number ID, and access tokens obtained through Meta's Embedded Signup flow. These are stored securely and never exposed publicly.
  • Payment data: If you purchase a paid plan, payment is processed by our third-party payment provider. We do not store your full card details on our servers.
  • Communications: Messages or inquiries you send to us.

Information Collected Automatically

When you access our Services, we automatically collect certain technical data, including:

  • Log and usage data: IP address, browser type, operating system, pages visited, timestamps, and feature usage.
  • Device data: Device type, screen resolution, and settings.
  • Cookies and similar technologies: Session identifiers and preference data (see Section 5).

Information from Third Parties

We may receive limited information from third-party services when you connect them to Msgify, such as:

  • Meta / Facebook: When you connect your WhatsApp Business Account via Meta's Embedded Signup, we receive your WABA ID, phone number ID, and an access token on your behalf. See Section 7 for details.
  • Authentication providers: If you sign in via Google or another OAuth provider, we receive basic profile information (name, email, profile picture) as permitted by your provider's privacy settings.

2. How Do We Process Your Information?

We process your information to:

  • Provide and maintain our Services: Including sending and receiving WhatsApp messages, managing contacts, running broadcasts, and delivering chatbot automation on your behalf.
  • Manage your account: So you can log in, configure your workspace, and manage settings.
  • Process payments: To fulfill your subscription or plan purchases.
  • Communicate with you: Responding to support requests, sending service-related notices, and (with consent) marketing communications.
  • Improve our Services: Internal analytics, debugging, and product development.
  • Ensure security and prevent fraud: Monitoring for abuse, unauthorized access, and legal compliance.

3. What Legal Bases Do We Rely On?

If you are in the EU / UK (GDPR):

  • Contract: We process your data to fulfil our agreement with you (e.g., providing the WhatsApp messaging platform).
  • Legitimate interests: To improve our Services and prevent fraud.
  • Consent: For optional marketing communications; you may withdraw at any time.
  • Legal obligation: Where required by law.

If you are in Canada:

We rely on express or implied consent and applicable exceptions under Canadian privacy law (PIPEDA).

4. When and With Whom Do We Share Your Information?

We do not sell your personal information. We may share information in the following circumstances:

  • Service providers: We use trusted third-party vendors to operate our Services (e.g., database hosting, payment processing, email delivery). Each processes data only for the purposes we direct.
  • Meta Platforms, Inc.: When you use WhatsApp features, messages are transmitted via Meta's Cloud API. Meta's data handling is governed by Meta's Privacy Policy.
  • Business transfers: If Msgify is acquired or merged, your data may be transferred as part of that transaction.
  • Legal requirements: We may disclose information if required by law, court order, or to protect our legal rights.

5. Do We Use Cookies and Tracking Technologies?

Yes. We use cookies and similar technologies to:

  • Maintain your login session.
  • Remember your preferences and workspace settings.
  • Collect aggregate analytics about how the platform is used.

You can configure your browser to refuse cookies. Note that doing so may affect some features of the platform.

6. How Do We Handle Social Logins?

If you register or log in using Google or another social login provider, we receive basic profile information (name, email address, and profile picture) as allowed by your provider's privacy settings. We use this information solely to create and manage your Msgify account.

7. WhatsApp Business & Meta Integration

Msgify is a WhatsApp Business Solution. When you connect your WhatsApp Business Account via Meta's Embedded Signup:

  • Meta issues an access token to Msgify on your behalf. This token is stored encrypted in our database and is used solely to send/receive messages and manage templates via the WhatsApp Cloud API.
  • We store your WABA ID, Phone Number ID, and display phone number to identify your account.
  • End-user message data (conversations with your customers) is transmitted through Meta's infrastructure. We store message logs within your workspace to provide inbox and analytics features.
  • You can disconnect your WhatsApp Business Account at any time from your Settings page, which revokes our access to your Meta credentials.

We are an independent Service Provider and are not affiliated with Meta Platforms, Inc.

8. How Long Do We Keep Your Information?

We retain your personal information for as long as your account is active or as needed to provide our Services. Specifically:

  • Account data: Retained for the duration of your account plus up to 36 months after account closure, unless a longer period is required by law.
  • Message logs and contact data: Retained within your workspace for as long as you keep your account. You may delete contacts and conversations at any time.
  • Access tokens: Deleted immediately upon account disconnection or closure.

When there is no ongoing legitimate business need to retain your information, we will securely delete or anonymize it.

9. How Do We Keep Your Information Safe?

We implement appropriate technical and organisational security measures, including:

  • Encryption of sensitive credentials (WhatsApp access tokens) at rest.
  • HTTPS/TLS encryption for all data in transit.
  • Access controls to limit who within our team can access your data.

No system is 100% secure. We cannot guarantee that unauthorized parties will never gain access to your data. Please use the Services within a secure environment and notify us immediately if you suspect any unauthorized access.

10. Do We Collect Information from Minors?

Msgify is not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we learn that we have collected personal information from a minor, we will delete that information promptly. Contact us at shamunkhatri@gmail.com if you have concerns.

11. What Are Your Privacy Rights?

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your personal data.
  • Restriction: Request that we limit processing of your data.
  • Data portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent at any time where processing is based on consent.

To exercise your rights, contact us at shamunkhatri@gmail.com. We will respond in accordance with applicable data protection law (within 30 days for GDPR requests, 45 days for CCPA requests).

EU/UK residents: If you believe we are processing your data unlawfully, you have the right to lodge a complaint with your local data protection authority. Find your authority here.

Account Deletion

To delete your account and associated data, go to Settings → Account or email us at shamunkhatri@gmail.com. We will deactivate and delete your account within a reasonable period, subject to retention obligations described above.

12. Controls for Do-Not-Track Features

We do not currently respond to Do-Not-Track ("DNT") browser signals, as no uniform standard has been finalized. If a standard is adopted that we are required to follow, we will update this Policy accordingly.

13. Do We Make Updates to This Policy?

Yes. We may update this Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top will reflect the most recent revision. For material changes, we will notify you via email or a notice within the platform. We encourage you to review this Policy periodically.

14. How Can You Contact Us?

If you have questions, concerns, or requests regarding this Policy, please contact us:

Email: shamunkhatri@gmail.com

Website: https://msgify.vercel.app/